Package: torcs
Version: 1.2.4-2
Tags: patch

The torcs XML writing code does not check for invalid characters when
saving preferences.xml, although entities (&lt;, &gt;, &amp;) are
properly parsed when reading the file.  If these characters are used
for controls, torcs crashes due to problems parsing the XML.

Please find attached a patch which addresses this issue, generated in
response to a bug reported to Ubuntu
(https://bugs.launchpad.net/ubuntu/+source/torcs/+bug/4736).

--
Emmet HIKORY
--- src/libs/tgf/params.cpp.orig	2007-01-22 16:43:35.000000000 +0900
+++ src/libs/tgf/params.cpp	2007-01-22 16:45:52.000000000 +0900
@@ -31,6 +31,7 @@
 #include <unistd.h>
 #endif
 #include <math.h>
+#include <string.h>
 
 #include <xmlparse.h>
 #ifdef WIN32
@@ -1179,7 +1180,18 @@
 		    }
 		    s += sprintf (s, "\"");
 		}
-		sprintf (s, " val=\"%s\"/>\n", curParam->value);
+		if (! strcmp(curParam->value,"<")) {
+		    sprintf (s, " val=\"&lt;\"/>\n");
+		}
+		else if (! strcmp(curParam->value,">")) {
+		    sprintf (s, " val=\"&gt;\"/>\n");
+		}
+		else if (! strcmp(curParam->value,"&")) {
+		    sprintf (s, " val=\"&amp;\"/>\n");
+		}
+		else {
+		    sprintf (s, " val=\"%s\"/>\n", curParam->value);
+		}
 		outCtrl->curParam = GF_TAILQ_NEXT (curParam, linkParam);
 		return 1;
 
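Review bot: The escaping added at the `val=` write only matches values that are exactly `<`, `>` or `&`, so any longer value containing one of those characters, or a `"` that would close the attribute early, still goes through the final `%s` branch unescaped and can leave preferences.xml malformed. Escaping character by character while writing the attribute handles every value through one code path, as in the block below. Each escaped character expands to as many as six bytes and every write here is an unbounded `sprintf` into `s`, whose size is not visible in this hunk, so the buffer's capacity should be checked against the worst case, or the writes switched to `snprintf` with the remaining length. The enclosing function begins and ends outside the hunk.

```cpp
		s += sprintf (s, " val=\"");
		for (const char *p = curParam->value; *p != '\0'; p++) {
		    switch (*p) {
		    case '<':  s += sprintf (s, "&lt;");   break;
		    case '>':  s += sprintf (s, "&gt;");   break;
		    case '&':  s += sprintf (s, "&amp;");  break;
		    case '"':  s += sprintf (s, "&quot;"); break;
		    default:   *s++ = *p;                  break;
		    }
		}
		sprintf (s, "\"/>\n");
		// … unchanged: advance outCtrl->curParam and return 1 …
```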
